External random generator#


mbedtls_psa_external_get_random(mbedtls_psa_external_random_context_t *context, uint8_t *output, size_t output_size, size_t *output_length)

External random generator function, implemented by the platform.

Function Documentation#


psa_status_t mbedtls_psa_external_get_random (mbedtls_psa_external_random_context_t * context, uint8_t * output, size_t output_size, size_t * output_length)

External random generator function, implemented by the platform.


Pointer to the random generator context. This is all-bits-zero on the first call and preserved between successive calls.


Output buffer. On success, this buffer contains random data with a uniform distribution.


The size of the output buffer in bytes.


On success, set this value to output_size.

When the compile-time option #MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG is enabled, this function replaces Mbed TLS's entropy and DRBG modules for all random generation triggered via PSA crypto interfaces.


  • This random generator must deliver random numbers with cryptographic quality and high performance. It must supply unpredictable numbers with a uniform distribution. The implementation of this function is responsible for ensuring that the random generator is seeded with sufficient entropy. If you have a hardware TRNG which is slow or delivers non-uniform output, declare it as an entropy source with mbedtls_entropy_add_source() instead of enabling this option.

Definition at line 671 of file util/third_party/mbedtls/include/psa/crypto_extra.h